admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-07-22 18:00:49 +00:00
parent dc70ee9817
commit 516322f4cd
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
7 changed files with 403 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
2019/1010xxx/CVE-2019-1010218.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010218",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Latest Cherokee Web server",
"version": {
"version_data": [
{
"version_value": "Upto Version 1.2.103 (Current stable) [fixed: There's no fix yet]"
}
]
}
}
]
},
"vendor_name": "Cherokee Webserver"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cherokee Webserver Latest Cherokee Web server Upto Version 1.2.103 (Current stable) is affected by: Buffer Overflow - CWE-120. The impact is: Crash. The component is: Main cherokee command. The attack vector is: Overwrite argv[0] to an insane length with execl. The fixed version is: There's no fix yet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow - CWE-120"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://i.imgur.com/PWCCyir.png",
"refsource": "MISC",
"name": "https://i.imgur.com/PWCCyir.png"
}
]
}

66
2019/1010xxx/CVE-2019-1010220.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010220",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "tcpdump",
"version": {
"version_data": [
{
"version_value": "4.9.2"
}
]
}
}
]
},
"vendor_name": "tcpdump.org"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: \"ND_PRINT((ndo, \"%s\", buf));\", in function named \"print_prefix\", in \"print-hncp.c\". The attack vector is: The victim must open a specially crafted pcap file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-126: Buffer Over-read"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9.2/print-hncp.c",
"refsource": "MISC",
"name": "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9.2/print-hncp.c"
},
{
"url": "https://github.com/the-tcpdump-group/tcpdump/blob/master/print-hncp.c",
"refsource": "MISC",
"name": "https://github.com/the-tcpdump-group/tcpdump/blob/master/print-hncp.c"
},
{
"refsource": "MISC",
"name": "https://github.com/the-tcpdump-group/tcpdump/commits/master/print-hncp.c",
"url": "https://github.com/the-tcpdump-group/tcpdump/commits/master/print-hncp.c"
}
]
}

61
2019/1010xxx/CVE-2019-1010222.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010222",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "aubio",
"version": {
"version_data": [
{
"version_value": "0.4.8 and earlier [fixed: after commit eda95c9c22b4f0b466ae94c4708765eaae6e709e]"
}
]
}
}
]
},
"vendor_name": "aubio"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "aubio 0.4.8 and earlier is affected by: null pointer. The impact is: crash. The component is: filterbank. The attack vector is: pass invalid arguments to new_aubio_filterbank. The fixed version is: after commit eda95c9c22b4f0b466ae94c4708765eaae6e709e."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "null pointer"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/aubio/aubio/blob/0.4.8/src/spectral/mfcc.c#L79",
"refsource": "MISC",
"name": "https://github.com/aubio/aubio/blob/0.4.8/src/spectral/mfcc.c#L79"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/aubio/aubio/commit/eda95c9c22b4f0b466ae94c4708765eaae6e709e",
"url": "https://github.com/aubio/aubio/commit/eda95c9c22b4f0b466ae94c4708765eaae6e709e"
}
]
}

61
2019/1010xxx/CVE-2019-1010223.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010223",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "aubio",
"version": {
"version_data": [
{
"version_value": "0.4.8 and earlier [fixed: after commit b1559f4c9ce2b304d8d27ffdc7128b6795ca82e5]"
}
]
}
}
]
},
"vendor_name": "aubio"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "aubio 0.4.8 and earlier is affected by: Buffer Overflow. The impact is: buffer overflow in strcpy. The component is: tempo. The fixed version is: after commit b1559f4c9ce2b304d8d27ffdc7128b6795ca82e5."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/aubio/aubio/blob/0.4.8/src/tempo/tempo.c#L208",
"refsource": "MISC",
"name": "https://github.com/aubio/aubio/blob/0.4.8/src/tempo/tempo.c#L208"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/aubio/aubio/commit/b1559f4c9ce2b304d8d27ffdc7128b6795ca82e5",
"url": "https://github.com/aubio/aubio/commit/b1559f4c9ce2b304d8d27ffdc7128b6795ca82e5"
}
]
}

61
2019/1010xxx/CVE-2019-1010224.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010224",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "aubio",
"version": {
"version_data": [
{
"version_value": "0.4.8 and earlier [fixed: after commit e4e0861cffbc8d3a53dcd18f9ae85797690d67c7]"
}
]
}
}
]
},
"vendor_name": "aubio"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "aubio 0.4.8 and earlier is affected by: null pointer. The impact is: crash (DoS). The component is: onset. The fixed version is: after commit e4e0861cffbc8d3a53dcd18f9ae85797690d67c7."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "null pointer"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/aubio/aubio/blob/0.4.8/src/onset/onset.c#L59",
"refsource": "MISC",
"name": "https://github.com/aubio/aubio/blob/0.4.8/src/onset/onset.c#L59"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/aubio/aubio/commit/e4e0861cffbc8d3a53dcd18f9ae85797690d67c7",
"url": "https://github.com/aubio/aubio/commit/e4e0861cffbc8d3a53dcd18f9ae85797690d67c7"
}
]
}

70
2019/12xxx/CVE-2019-12327.json
View File

@ -1,18 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-12327",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-12327",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Hardcoded credentials in the Akuvox R50P VoIP phone 50.0.6.156 allow an attacker to get access to the device via telnet. The telnet service is running on port 2323; it cannot be turned off and the credentials cannot be changed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_Akuvox_R50P.pdf",
"refsource": "MISC",
"name": "https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_Akuvox_R50P.pdf"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
}
}

70
2019/12xxx/CVE-2019-12328.json
View File

@ -1,18 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-12328",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-12328",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A command injection (missing input validation) issue in the remote phonebook configuration URI in the web interface of the Atcom A10W VoIP phone with firmware 2.6.1a2421 allows an authenticated remote attacker in the same network to trigger OS commands via shell metacharacters in a POST request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_Atcom_A10W.pdf",
"refsource": "MISC",
"name": "https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_Atcom_A10W.pdf"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:L/S:C/UI:N",
"version": "3.0"
}
}
}